Skip to content

On the Security of Client Platforms

Anything the mind of man can make, the mind of man can break.

Realizing this, one needs to shift their perception of how to view client platform security. Theoretical analysis is good. However, practical application is what should define security evaluation. Which platform is more secure in practice? Anyone can justify any OS’s security. However, the proof is in the pudding. For example, Unix has been used for government/financial servers for a long time. Windows Server has been used, and I would argue that the Windows servers have proved themselves much more vulnerable over an extended period. Just ask any system administrator.

Take a look at Linux. If there is any platform with serious potential vulnerability, it would be Linux. Since the code is so open, and written by so many uncoordinated, imperfect people, there is vast potential for holes. However, in practical usage, it is one of the most secure platforms available. When holes are found, they are quickly patched by the open source community. Most Linux users are reasonably tech-savvy, and don’t fall for many of the same social engineering tricks that Windows users do. It is arguably a secure platform.

This also leads to another point. The bigger the target, the more attackers will aim at it. Just because you are a smaller target does not mean you are less secure. Even if you are more vulnerable, the fact that you are being attacked less provides security. I for one do not want to be the tank shot at on the battlefield. I’d prefer to be the sniper, vulnerable, but inconspicuous and hardly fired upon.

Articles such as the recent PCWorld piece1 hyping how the iPhone was first to fall in the PWN2OWN contest, and how the Macs and iPhones are no less vulnerable than Windows, are worthless drivel. One needs to accept that everything can be broken. Even RSA1024 was recently broken2. However, the fact that a platform was broken/hacked (by methods devised in the months prior) does not mean it is less secure in practical usage. I have yet to have one of my Mac installations infected or broken, while the Windows 7 install (which I only use to manage home servers or test a site in IE) has been attacked twice, and infected once.

Let’s stop defending our idealistic points and accept reality shall we? Mac, Linux, and Unix are all platforms that can be violated. However, in practical usage, they are more secure than the Microsoft Windows platform.

  1. http://www.pcworld.com/article/189760/hacking_impresario_windows_safer_than_mac.html
  2. http://www.ns.umich.edu/htdocs/releases/story.php?id=7551
Be Sociable, Share!

Posted in Featured Articles, General, Technology.

Tagged with , , , , , , .

No comments

By Wes Kroesbergen March 29, 2010

0 Responses

Stay in touch with the conversation, subscribe to the RSS feed for comments on this post.



Some HTML is OK

or, reply to this post via trackback.

« »